Algorithm, Procedure and Device for the Protection of Financial Transactions

Zaharia Dragos

DESCRIPTION
At the present time the quasi-totality of financial transactions are performed using encryption algorithms. The most used algorithms are RSA and AES. However, it is estimated that the power of attacks performed against these algorithms doubles every year, resulting in the degree of protection offered by the used algorithms consequently decreasing each year. To face up to this phenomenon, the present project is proposing a new encryption procedure. This procedure is a mixture of already used encryption algorithms, time stamped elements and data delivered by Galileo. Time stamped elements involved in the proposed procedure are small amounts of data appended to the transaction (or its hash), which contain a piece of time information, as described in the standard ISO/IEC 18014. In addition, the linking procedure described by ISO/IEC 18014 is also used. Following the proposed procedure, the time stamp link is not performed together with any other time stamps (delivered in a predetermined time window), but with data measured and delivered by Galileo.
The pieces of data measured and delivered by Galileo need to have some essential features. E.g. they need:

to have random characteristics (in order to be unpredictable)

to have high as possible alternative values

to have an autocorrelation function with predetermined features

In order to access some of these data, a Galileo receiver will eventually be needed in all places from where/to which transactions are performed.

INNOVATION
The innovation features of the proposed procedure are: the 100% algorithmic structure of the existing solutions is replaced with a mixture, where the encryption algorithm is only one part of the process. This makes the procedure more immune to attack. The present procedure introduces strong technological limits concerning the type and number of entities able to perform successful attacks against it.

TARGET MARKET
Financial institutions, banks and companies where their activity requests a strong level of data protection, companies specialised in secure data transaction and government agencies.